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IN THE CLAIMS 

Please amend claims 1-8, 12-15, 1 8, and 21 as indicated below, 

1 . i Currently Amended) A computer implemented method comprising: 

iVt res ponse to a request for establishing a gene r ic routing encapsulation (GRE) tunn el 

received at a first network element, the first network elemenld etermining a set 

of endpoints for a generic routing encapsulation (GRE) t he requested GRE 

ninne l based on the Tequest ; 
determining a key, the key corresponding to a virtual private network (VPN); 
dynamically establishing the GRE tunnel with the set of endpoints and the key 

between the first network element and a second network element, the second 

network element being identified bv the set of endpoints ; and 
processing a set of GRE traffic for the VPN within the established GRE tunnel 

between the first and second network elements over a network provided by a 

network provider - 

2. (Currently Amended) The computer implemented method of claim 1 wherein the s e t 
e f pointo comprise a first valno indicating a firot virtual router^ tho first virtual router 
c orresponding to the VPN, a second valu e indicating a second virtual router, a third value 
& Seating a third virtual router, tho s e cond and third virtual routers corresponding to - a 
b ackbon e , and a fourth value indioating - a fourth virtual router, the fourth virtual router 
ftiTTOftprmriiris to the VPN, the set of endpoints comprises a first set of en dpoints, wherein the 
method further comprises: 
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thP fir.t network ^"™» d^rrmm nF the , firs t set of endpoints base d on an ID of the 
^nested ORE first set of end p o in ts i den ti f y infiihe second network 

element: and 

.h. fi ^ T^twnrT. aiBinent tra n smitting the first set of endpoints and the key to . th g 

nfaimA network pigment to ena ble the second network element to respond in 
estabUshina the ORE tunne l with the first network element. 

3. (Currently Amended) The computer implemented method of claim 1 whoroin 
dy namically e stabliohing tho ORE tunnol ooroprisooi- 2, wherein the set of endpoints furthe r 
mm prises a second set of endpoints. wherein the method furthe r comprises: 

the first network element determining the second set o f endpoints based on the first set 
nf ftnri points and the key, the first and secon d sets of endpoints identifying a 
first and second virtual routers of the first network ele ment the first virtual 
router interfacing with a first site of an entity from which the request is 
ori ginated and the second virtual router interfacing with th e second network 
element; and 

directing network traffic between the first and second virt ual routers, where the second 
virtual router exchanpes the network traffic wi th the second network element 
via the GRE Lunnel. 

establishing q firot subset of the set of ondpointo for entering and exiting tho VPN; and 
establishing an initiation point and a termination point for the GRE tunnel with a 
sooond oubset of tho oot of e ndpoints. 

4. (Currently Amended) A computer impl e mented mothod comprising: 
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determining a first sot of oadpomtc for a g o nc i ic routing nnrnp ^ln t i o n (ORE) tunnel; 
d e termining a toy, tha key corresponding to a virtual privato network (VPN); 
Q Li agt l iG I : oy and t he "ft nf rnrlrfflntT ^ ^tnt-min* .i r.ccnndgot of o ndpoiitts for th o 

establishing the GRE runnel with the set of attributes; and 

prorrn- , inc n i" * ^ fnr thn VPN The computer imp l eme nted method o f claim 3 V 

wh erein the set of endpoints further comprises a third set of endp oints, wherein the method 
fuither comprises: 

receiving at a third virtual router of the second network element t he first set of 

endpoints and the key received from the first network element, the third virtual 
router interfacing the second network element with the first netwo rk element 
via the GRE tunnel; 

the second network element determining the third set of endpo ints based on the first 
set of endpoints and the key, the third set of endpoints identifying a fourth 
virtual router interfacing the second network element w ith a second $ite of the 
entity; and 

directing the network traffic between the third and fourth virtual routers, where the 
fourth virtual router exchanges the network traf fic with the second site of the 
entity. 

5. (Currently Amended) The computer implemented method of claim 4 wherein tho first 

of ondpoints comprise) a first value indicating a first virtual router, tho first virtual rout e r 
b eing an initiation point of the GRE tunnel, and q second value indicating a sooond virtual 
ro uter, tho second virtual router b e ing a termination point for the GRE tunnel, the first 
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n ^.,^ .i^t , remote serv er t o dete rmine the first set of endppjnts based on the 

in „f th. ^nested GRE tunnel, wherein in response to the first set of endpoints, the first 
m . vnrV th« r^mnte server to determine the second set of efldpoints using the 

w of end points and the kev. and wherein in response to the first set o f endpoints and the 
Wvt^ivttd from the first n etwork element , the second network element accesses the remote 
server to determine the third se t of endpoints. 

6. ;Currently Amended) The computer implemented method of claim 4 wherein the 
se cond cot of endpoints comprioe a first value indicating a first virtual router corrooponding to 

VPN^ and a s e cond value indicating a second virtual routor, th e s e cond virtual rout e r 
flftrmr. r nnding to the VP Nthg entity is a first entity and the fi rst and second sites of the first 
en tity exchange network traffic via a first VPN within the G RE tunneL wherein the method 
fu rther comprises establishing a second VPN within the GRE tunnel b etween a third site and a 
fo urth site of a second entity to enable the third and fourth sites of the second entity to 
ex change network traffic via the second VPN within the GRE. such that the first and second 
er tities share the GRE tunnel using the first and second VPNs . 

7. forifrin alCurrentlv Amended) The computer implemented method of claim 4-6wherein 
&e~9 ccond sot of ondpointa and the s e t of attributes ore each indoxod by th e k e y and tho first 
&g t of endpoints the remote server comprises a RADIUS, wherein the second and third set of 
e ndpoints comprise substantially identical information retrieved from the RADIUS, and 
w herein the first and second entities are different organizations sharing the first and second 
n etwork elements to traverse through the network of the network provider . 
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8. (Currently Amended) A system comprising: 

a first network element to determine a key and a first set of endpoints for a generic 

routing encapsulation (GRE) tunnel, the key corresponding to a virtual private 
network (VPN), to determine a second set of endpoints for the GRE VPN 
based on the first set of endpoints and the key , to configure an initiation point 
of the GRE tunnel based on the first and second sets of endpoints, to transmit a 
packet having the first set of e nd point s endpoints and the key; and 
a second network element coupled with the first network element, the second network 
element to receive the packet, to determine the second set of endpoints for the 
GRE VPN using the received first set of endpoints and the key , and to establish 
the GRE tunnel with the first network element using the first and second sets of 
endpoints , 

9. (Original) The system of claim 8 further comprising a third network element, the third 
ne twork element coupled with the first and the second network element, the third network 
element to receive a set of data from the first network element and forward the set of data to 
the second network element, the set of data being for the VPN. 

10. (Original) The system of claim 8 wherein the second set of endpoints are indexed by the 
first set of endpoints and the key. 

1 L (Original) The system of claim 8 wherein to configure the initiation point comprises to 
configure one of the second set of endpoints to one of the first set of endpoints. 
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12. (Currently Amended) An apparatus comprising: 

a control engine to retrieve a first set of endpoints corresponding to a generic routing 
encapsulation (GRE) tunnel based on an ID of th e GRE tunnel, to retrieve a 
second set of endpoints corresponding to the first set of endpoints and a key, 
the key corresponding to a virtual private network (VPN); and 
a forwarding engine coupled with the control engine, the forwarding engine to 

establish an initiation point of the GRE tunnel usin g the first a nd second sets of 
endpoints and to transmit a set of traffic over the GRE VPN with a termination 
point of the GRE tunnel over a network of a network provider, wherein at least 
one of the first and second sets of endpoints identifies the termina tion point of 
the GRE tunnel . 

12 . (Currently Amended) The apparatus of claim 44-1 2 wherein the forwarding engine to 
host a first and second virtual router, the first virtual router corresponding to one of the first 
set of endpoints and the second virtual router corresponding to one of the second set of 
er.dpoints. 

14. (Currently Amended) The apparatus of claim 4^12 wherein the second set of 
endpoints are indexed by the key and the first set of endpoints. 

1:5. (Currently Amended) An apparatus comprising: 

an input/output module to receive a set of dat a from a network e lement over a 

network , the set of data indicating a key and a first of set of endpoints of a 
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generic routing encapsulation (GRE1 tunnel, the key corresponding to a virtual 
private network (VPN); and 
a control engine coupled with the input/output module, the control engine to determine 
a second set of endpoints for the VPN with the key and the first set of 
endpoints; and 

a forwarding engine coupled with the control engine and the input/output module, the 
forwarding engine to dynamically establish the GRE tunnel withthe network 
element over the network using the first set of endpoints and the second set of 
endpoints and to process a set of traffic for the VPN. 

16. (Original) The apparatus of claim 15 wherein the second set of endpoints are indexed by 
ths key and the first set of endpoints. 

17- (Original) The apparatus of claim 15 wherein to establish the GRE tunnel comprises: 

to configure one of the second set of endpoints to one of the first set of endpoints; and 
to indicate the key in a list of keys. 



i:>. (Currently Amended) A machine-readable medium that provides instructions, which 
when executed by a set of one or more processors, cause said set of processors to perform 
operations comprising: 

retrieving a first set of endpoints of a generic routing encapsulation (GRE) tunnel with 
based on a ynnrin muting encapsulation TGRE^ tunn e l n am e oFthe GRE 
tunnel in response to a request for establishine the GRE tunne l, the first set of 
endpoims identifying a termination point of the GRE tunnel ; 

Application Serial No. 09/941.223 -S- Atry. Docket No. 004906.P020 

PAGE 9/15 * RCVD AT 4/28/2005 1:06:55 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-1/2 * DNIS:8729306 * CSID:408 720 9397 * DURATION (mm-ss):04-00 



04/28/05 10:07 FAX 408 720 9397 



B.S.T.&Z. 



@1010 



determining a second set of endpoints with the first set of endpoints and a key, the key 

corresponding to a virtual private network (VPN); 
establishing an initiation point of the GRE tunnel with the first set of endpoints and the 

second set of endpoints; 
transmitting the first set of endpoints and the V«y to the identified termination point to 

establish the GRE tunnel with the termination point ; and 
transmitting a set of traffic over the GRE VPN. 

19 . (Original) The machine-readable medium of claim 18 wherein the establishing the 
initiation point of the GRE tunnel comprises configuring one of the second set of endpoints to 
OT.e of the first set of endpoints. 

20. (Original) The machine-readable medium of claim 18 further comprising: 

receiving a second set oF traffic for a second VPN, the second set of traffic indicating 
the GRE tunnel; 

determining a third set of endpoints with a second key and the first set of endpoints, 

the second key corresponding to the second VPN; 
configuring one of the third set of endpoints to one of the first set of endpoints; 
transmitting the second key and the first set of endpoints; and 
transmitting the second set of traffic. 

21. (Currently Amended) A machine-readable medium that provides instructions, which 
w hen executedi by a set of one or more processors, cause said set of processors to perform 
operations comprising: 
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listening for a packet, the packet indicating a first set of endpoints for a generic routing 
encapsulation (GRE) tunnel and a key, the key corresponding to a virtual 
private network (VPN); 

feceiving the packot; 

in response to the packet received from a network clement over a network, r etrieving a 
second set of endpoints for the VPN with the first set of endpoints and the key; 

establishing the GRE tunnel with the network element over the network using the first 
set of endpoints and the second set of endpoints; and 

processing a set of traffic over the GRE VPN. 

22. (Original) The machine-readable medium of claim 21 wherein establishing the GRE 
tunnel comprises: 

configuring one of the second set of endpoints to one of the first set of endpoints; and 
maintaining the key in a list of keys. 

23. (Original) The machine-readable medium of claim 21 further comprising: 

receiving a second packet, the second packet indicating the first set of endpoints and a 

second key, the second key corresponding to a second VPN; 
retrieving a third set of endpoints with the second key and the first set of endpoints; 
receiving a second set of traffic; and 

forwarding the second set of traffic to one of the third set of endpoints. 



24-. (Original) The machine-readable medium of claim 21 further comprising: 
receiving a second packet, the second packet indicating a second key; 
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detennining that the second key is not in a key list; and 

ensuring that the second packet originated from an interior source. 
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